Okay, now we at least know the config line is at actually read.
What happens when you change the order of the config lines or assign them shorter names? Am 12.05.21 um 01:41 schrieb Karuna Sagar Krishna:
Yes, I tried that i.e. added some garbage line to ipsec.conf and issued `sudo ipsec update`. And I see the errors in the logs as expected. Later I reverted the garbage lines and issued `sudo ipsec update` but the issue remains i.e. no errors in the logs but the statusall hasn't changed. May 11 23:20:03 hn1-kkafka ipsec[4941]: # unknown keyword 'something' May 11 23:20:03 hn1-kkafka ipsec[4941]: ### 1 parsing error (0 fatal) ### May 11 23:23:26 hn1-kkafka ipsec[4941]: # unknown keyword 'garbage' May 11 23:23:26 hn1-kkafka ipsec[4941]: message repeated 8 times: [ # unknown keyword 'garbage'] May 11 23:23:26 hn1-kkafka ipsec[4941]: # unknown keyword 'garbage' --karuna On Tue, May 11, 2021 at 4:17 PM Noel Kuntze <noel.kuntze@thermi.consulting> wrote: Hi, please verify that the config file is actually used. For example add a deliberate syntax error. Like just garbage on a line. Check if the daemon and/or ipsec complains about that. Am 12.05.21 um 01:15 schrieb Karuna Sagar Krishna: > Thanks for the quick replies! > > Running `sudo ipsec update` or `sudo ipsec reload` is effectively a no-op. Captured the terminal output below: > > > > karkrish@hn1-kkafka:~$ sudo ipsec statusall > Status of IKE charon daemon (strongSwan 5.6.2, Linux 5.4.0-1046-azure, x86_64): > uptime: 2 hours, since May 11 20:42:06 2021 > malloc: sbrk 2703360, mmap 0, used 847536, free 1855824 > worker threads: 11 of 16 idle, 5/0/0/0 working, job queue: 0/0/0/0, scheduled: 2 > loaded plugins: charon aesni aes rc2 sha2 sha1 md4 md5 mgf1 random nonce x509 revocation constraints pubkey pkcs1 pkcs7 pkcs8 pkcs12 pgp dnskey sshkey pem openssl fips-prf gmp agent xcbc hmac gcm attr kernel-netlink resolve socket-default connmark stroke updown eap-mschapv2 xauth-generic counters > Listening IP addresses: > 10.0.0.14 > Connections: > hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>: 10.0.0.14...10.0.0.15 IKEv2 > hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>: local: [CN=IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net> <http://IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net>>] uses public key authentication > hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>: cert: "CN=IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net> <http://IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net>>" > hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>: remote: [CN=IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net> <http://IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net>>] uses public key authentication > hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>: cert: "CN=IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net> <http://IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net>>" > hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>: child: dynamic === dynamic TRANSPORT > hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>: 10.0.0.14...10.0.0.14 IKEv2 > hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>: local: [CN=IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net> <http://IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net>>] uses public key authentication > hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>: cert: "CN=IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net> <http://IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net>>" > hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>: remote: [CN=IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net> <http://IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net>>] uses public key authentication > hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>: cert: "CN=IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net> <http://IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net>>" > hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>: child: dynamic === dynamic TRANSPORT > Routed Connections: > hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>{5}: ROUTED, TRANSPORT, reqid 1 > hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>{5}: 10.0.0.14/32 <http://10.0.0.14/32> <http://10.0.0.14/32 <http://10.0.0.14/32>> === 10.0.0.15/32 <http://10.0.0.15/32> <http://10.0.0.15/32 <http://10.0.0.15/32>> > hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>{2}: ROUTED, TRANSPORT, reqid 2 > hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>{2}: 10.0.0.14/32 <http://10.0.0.14/32> <http://10.0.0.14/32 <http://10.0.0.14/32>> === 10.0.0.14/32 <http://10.0.0.14/32> <http://10.0.0.14/32 <http://10.0.0.14/32>> > Security Associations (1 up, 0 connecting): > hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>[11]: ESTABLISHED 2 hours ago, 10.0.0.14[CN=IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net> <http://IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net>>]...10.0.0.15[CN=IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net> <http://IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net>>] > hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>[11]: IKEv2 SPIs: 1536ce9853bef399_i c00b62dfefa5f4ce_r*, public key reauthentication in 5 hours > hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>[11]: IKE proposal: AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048 > hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>{3}: INSTALLED, TRANSPORT, reqid 1, ESP SPIs: c73ba254_i c0ffd04a_o > hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>{3}: AES_CBC_256/HMAC_SHA2_256_128, 220940 bytes_i (3942 pkts, 0s ago), 891540 bytes_o (2902 pkts, 1444s ago), rekeying in 5 hours > hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>{3}: 10.0.0.14/32 <http://10.0.0.14/32> <http://10.0.0.14/32 <http://10.0.0.14/32>> === 10.0.0.15/32 <http://10.0.0.15/32> <http://10.0.0.15/32 <http://10.0.0.15/32>> > > karkrish@hn1-kkafka:~$ sudo ipsec update > Updating strongSwan IPsec configuration... > > karkrish@hn1-kkafka:~$ echo $? > 0 > > karkrish@hn1-kkafka:~$ sudo ipsec statusall > Status of IKE charon daemon (strongSwan 5.6.2, Linux 5.4.0-1046-azure, x86_64): > uptime: 2 hours, since May 11 20:42:06 2021 > malloc: sbrk 2703360, mmap 0, used 847984, free 1855376 > worker threads: 11 of 16 idle, 5/0/0/0 working, job queue: 0/0/0/0, scheduled: 2 > loaded plugins: charon aesni aes rc2 sha2 sha1 md4 md5 mgf1 random nonce x509 revocation constraints pubkey pkcs1 pkcs7 pkcs8 pkcs12 pgp dnskey sshkey pem openssl fips-prf gmp agent xcbc hmac gcm attr kernel-netlink resolve socket-default connmark stroke updown eap-mschapv2 xauth-generic counters > Listening IP addresses: > 10.0.0.14 > Connections: > hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>: 10.0.0.14...10.0.0.15 IKEv2 > hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>: local: [CN=IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net> <http://IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net>>] uses public key authentication > hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>: cert: "CN=IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net> <http://IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net>>" > hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>: remote: [CN=IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net> <http://IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net>>] uses public key authentication > hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>: cert: "CN=IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net> <http://IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net>>" > hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>: child: dynamic === dynamic TRANSPORT > hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>: 10.0.0.14...10.0.0.14 IKEv2 > hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>: local: [CN=IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net> <http://IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net>>] uses public key authentication > hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>: cert: "CN=IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net> <http://IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net>>" > hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>: remote: [CN=IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net> <http://IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net>>] uses public key authentication > hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>: cert: "CN=IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net> <http://IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net>>" > hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>: child: dynamic === dynamic TRANSPORT > Routed Connections: > hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>{5}: ROUTED, TRANSPORT, reqid 1 > hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>{5}: 10.0.0.14/32 <http://10.0.0.14/32> <http://10.0.0.14/32 <http://10.0.0.14/32>> === 10.0.0.15/32 <http://10.0.0.15/32> <http://10.0.0.15/32 <http://10.0.0.15/32>> > hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>{2}: ROUTED, TRANSPORT, reqid 2 > hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>{2}: 10.0.0.14/32 <http://10.0.0.14/32> <http://10.0.0.14/32 <http://10.0.0.14/32>> === 10.0.0.14/32 <http://10.0.0.14/32> <http://10.0.0.14/32 <http://10.0.0.14/32>> > Security Associations (1 up, 0 connecting): > hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>[11]: ESTABLISHED 2 hours ago, 10.0.0.14[CN=IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net> <http://IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net>>]...10.0.0.15[CN=IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net> <http://IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net>>] > hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>[11]: IKEv2 SPIs: 1536ce9853bef399_i c00b62dfefa5f4ce_r*, public key reauthentication in 5 hours > hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>[11]: IKE proposal: AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048 > hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>{3}: INSTALLED, TRANSPORT, reqid 1, ESP SPIs: c73ba254_i c0ffd04a_o > hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>{3}: AES_CBC_256/HMAC_SHA2_256_128, 226680 bytes_i (4045 pkts, 0s ago), 900068 bytes_o (2959 pkts, 1455s ago), rekeying in 5 hours > hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>{3}: 10.0.0.14/32 <http://10.0.0.14/32> <http://10.0.0.14/32 <http://10.0.0.14/32>> === 10.0.0.15/32 <http://10.0.0.15/32> <http://10.0.0.15/32 <http://10.0.0.15/32>> > > karkrish@hn1-kkafka:~$ sudo ipsec reload > Reloading strongSwan IPsec configuration... > > karkrish@hn1-kkafka:~$ echo $? > 0 > > karkrish@hn1-kkafka:~$ sudo ipsec statusall > Status of IKE charon daemon (strongSwan 5.6.2, Linux 5.4.0-1046-azure, x86_64): > uptime: 2 hours, since May 11 20:42:06 2021 > malloc: sbrk 2703360, mmap 0, used 847840, free 1855520 > worker threads: 11 of 16 idle, 5/0/0/0 working, job queue: 0/0/0/0, scheduled: 2 > loaded plugins: charon aesni aes rc2 sha2 sha1 md4 md5 mgf1 random nonce x509 revocation constraints pubkey pkcs1 pkcs7 pkcs8 pkcs12 pgp dnskey sshkey pem openssl fips-prf gmp agent xcbc hmac gcm attr kernel-netlink resolve socket-default connmark stroke updown eap-mschapv2 xauth-generic counters > Listening IP addresses: > 10.0.0.14 > Connections: > hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>: 10.0.0.14...10.0.0.15 IKEv2 > hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>: local: [CN=IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net> <http://IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net>>] uses public key authentication > hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>: cert: "CN=IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net> <http://IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net>>" > hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>: remote: [CN=IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net> <http://IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net>>] uses public key authentication > hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>: cert: "CN=IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net> <http://IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net>>" > hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>: child: dynamic === dynamic TRANSPORT > hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>: 10.0.0.14...10.0.0.14 IKEv2 > hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>: local: [CN=IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net> <http://IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net>>] uses public key authentication > hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>: cert: "CN=IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net> <http://IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net>>" > hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>: remote: [CN=IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net> <http://IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net>>] uses public key authentication > hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>: cert: "CN=IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net> <http://IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net>>" > hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>: child: dynamic === dynamic TRANSPORT > Routed Connections: > hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>{5}: ROUTED, TRANSPORT, reqid 1 > hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>{5}: 10.0.0.14/32 <http://10.0.0.14/32> <http://10.0.0.14/32 <http://10.0.0.14/32>> === 10.0.0.15/32 <http://10.0.0.15/32> <http://10.0.0.15/32 <http://10.0.0.15/32>> > hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>{2}: ROUTED, TRANSPORT, reqid 2 > hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>{2}: 10.0.0.14/32 <http://10.0.0.14/32> <http://10.0.0.14/32 <http://10.0.0.14/32>> === 10.0.0.14/32 <http://10.0.0.14/32> <http://10.0.0.14/32 <http://10.0.0.14/32>> > Security Associations (1 up, 0 connecting): > hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>[11]: ESTABLISHED 2 hours ago, 10.0.0.14[CN=IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net> <http://IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net>>]...10.0.0.15[CN=IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net> <http://IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net>>] > hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>[11]: IKEv2 SPIs: 1536ce9853bef399_i c00b62dfefa5f4ce_r*, public key reauthentication in 5 hours > hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>[11]: IKE proposal: AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048 > hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>{3}: INSTALLED, TRANSPORT, reqid 1, ESP SPIs: c73ba254_i c0ffd04a_o > hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>{3}: AES_CBC_256/HMAC_SHA2_256_128, 234876 bytes_i (4189 pkts, 0s ago), 910520 bytes_o (3037 pkts, 1474s ago), rekeying in 5 hours > hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>{3}: 10.0.0.14/32 <http://10.0.0.14/32> <http://10.0.0.14/32 <http://10.0.0.14/32>> === 10.0.0.15/32 <http://10.0.0.15/32> <http://10.0.0.15/32 <http://10.0.0.15/32>> > > On Tue, May 11, 2021 at 4:11 PM Noel Kuntze <noel.kuntze@thermi.consulting> wrote: > > Alright, found it. > > Please verify that it's the actual ipsec.conf that is loaded because there also aren't any errors regarding config files logged. > What happens when you run "ipsec update" or "ipsec reload" from the terminal? > > Kind regards > Noel > > Am 12.05.21 um 01:09 schrieb Noel Kuntze: > > Okay, what's your complete ipsec.conf? Can you send it? > > > > Kind regards > > Noel > > > > Am 12.05.21 um 00:54 schrieb Karuna Sagar Krishna: > >> Attaching full charon logs. > >> > >> Can you help with the ipsec.conf interface. I'll plan to switch to swanctl going forward, but currently this is blocking our releases. > >> > >> --karuna > >> > >> > >> On Tue, May 11, 2021 at 2:54 PM Noel Kuntze <noel.kuntze+strongswan-users-ml@thermi.consulting> wrote: > >> > >> Hi, > >> > >> Full logs please, as shown on the HelpRequests[1] page on the wiki. > >> Also, it's strongly recommended to use swanctl instead if possible. That's the better configuration backend. > >> > >> Kind regards > >> Noel > >> > >> [1] https://wiki.strongswan.org/projects/strongswan/wiki/HelpRequests <https://wiki.strongswan.org/projects/strongswan/wiki/HelpRequests> <https://wiki.strongswan.org/projects/strongswan/wiki/HelpRequests <https://wiki.strongswan.org/projects/strongswan/wiki/HelpRequests>> <https://wiki.strongswan.org/projects/strongswan/wiki/HelpRequests <https://wiki.strongswan.org/projects/strongswan/wiki/HelpRequests> <https://wiki.strongswan.org/projects/strongswan/wiki/HelpRequests <https://wiki.strongswan.org/projects/strongswan/wiki/HelpRequests>>> > >> > >> Am 11.05.21 um 23:50 schrieb Karuna Sagar Krishna: > >> > Hi, > >> > > >> > I'm setting up a IPSec connection between a bunch of Ubuntu 18.04 LTS nodes. I'm using Strongswan (Linux strongSwan U5.6.2/K5.4.0-1046-azure) on the Ubuntu nodes. The number of nodes is dynamic i.e. there are frequent scale out/ins. So the ipsec.conf file (see attached) is updated with additional conn sections and `sudo ipsec update` is used to reload the config file. However, I've noticed intermittent network connectivity issues and the syslog shows -> "no IKE config found for 10.0.0.14...10.0.0.18, sending NO_PROPOSAL_CHOSEN". Clearly, the ipsec status shows that the daemon has not reloaded the config irrespective of issuing `sudo ipsec update` multiple times. > >> > > >> > Can you help understand why the config is not updated and how to fix this issue? > >> > > >> > > >> > > >> > IPSec status: > >> > ----------------- > >> > > >> > > sudo ipsec statusall > >> > > >> > Status of IKE charon daemon (strongSwan 5.6.2, Linux 5.4.0-1046-azure, x86_64): > >> > uptime: 45 minutes, since May 11 20:42:07 2021 > >> > malloc: sbrk 2703360, mmap 0, used 778800, free 1924560 > >> > worker threads: 11 of 16 idle, 5/0/0/0 working, job queue: 0/0/0/0, scheduled: 2 > >> > loaded plugins: charon aesni aes rc2 sha2 sha1 md4 md5 mgf1 random nonce x509 revocation constraints pubkey pkcs1 pkcs7 pkcs8 pkcs12 pgp dnskey sshkey pem openssl fips-prf gmp agent xcbc hmac gcm attr kernel-netlink resolve socket-default connmark stroke updown eap-mschapv2 xauth-generic counters > >> > Listening IP addresses: > >> > 10.0.0.14 > >> > Connections: > >> > hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>>>: 10.0.0.14...10.0.0.15 IKEv2 > >> > hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>>>: local: [CN=IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net> <http://IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net>> <http://IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net> <http://IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net>>> <http://IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net> <http://IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net>> <http://IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net> > <http://IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net>>>>] uses public key authentication > >> > hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>>>: cert: "CN=IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net> <http://IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net>> <http://IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net> <http://IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net>>> <http://IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net> <http://IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net>> <http://IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net> > <http://IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net>>>>" > >> > hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>>>: remote: [CN=IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net> <http://IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net>> <http://IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net> <http://IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net>>> <http://IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net> <http://IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net>> <http://IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net> > <http://IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net>>>>] uses public key authentication > >> > hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>>>: cert: "CN=IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net> <http://IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net>> <http://IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net> <http://IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net>>> <http://IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net> <http://IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net>> <http://IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net> > <http://IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net>>>>" > >> > hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>>>: child: dynamic === dynamic TRANSPORT > >> > hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>> <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>> <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>> <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>>>: 10.0.0.14...10.0.0.14 IKEv2 > >> > hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>> <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>> <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>> <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>>>: local: [CN=IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net> <http://IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net>> <http://IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net> <http://IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net>>> <http://IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net> <http://IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net>> <http://IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net> > <http://IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net>>>>] uses public key authentication > >> > hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>> <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>> <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>> <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>>>: cert: "CN=IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net> <http://IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net>> <http://IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net> <http://IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net>>> <http://IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net> <http://IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net>> <http://IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net> > <http://IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net>>>>" > >> > hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>> <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>> <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>> <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>>>: remote: [CN=IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net> <http://IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net>> <http://IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net> <http://IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net>>> <http://IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net> <http://IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net>> <http://IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net> > <http://IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net>>>>] uses public key authentication > >> > hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>> <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>> <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>> <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>>>: cert: "CN=IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net> <http://IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net>> <http://IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net> <http://IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net>>> <http://IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net> <http://IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net>> <http://IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net> > <http://IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net>>>>" > >> > hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>> <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>> <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>> <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>>>: child: dynamic === dynamic TRANSPORT > >> > /*Routed Connections: > >> > hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>> <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>> <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>> <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>>>{2}: ROUTED, TRANSPORT, reqid 2 > >> > hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>> <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>> <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>> <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn1-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>>>{2}: 10.0.0.14/32 <http://10.0.0.14/32> <http://10.0.0.14/32 <http://10.0.0.14/32>> <http://10.0.0.14/32 <http://10.0.0.14/32> <http://10.0.0.14/32 <http://10.0.0.14/32>>> <http://10.0.0.14/32 <http://10.0.0.14/32> <http://10.0.0.14/32 <http://10.0.0.14/32>> <http://10.0.0.14/32 <http://10.0.0.14/32> <http://10.0.0.14/32 <http://10.0.0.14/32>>>> === 10.0.0.14/32 <http://10.0.0.14/32> <http://10.0.0.14/32 <http://10.0.0.14/32>> <http://10.0.0.14/32 <http://10.0.0.14/32> <http://10.0.0.14/32 <http://10.0.0.14/32>>> <http://10.0.0.14/32 <http://10.0.0.14/32> <http://10.0.0.14/32 <http://10.0.0.14/32>> <http://10.0.0.14/32 <http://10.0.0.14/32> <http://10.0.0.14/32 <http://10.0.0.14/32>>>> > >> > hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>>>{1}: ROUTED, TRANSPORT, reqid 1 > >> > hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>>>{1}: 10.0.0.14/32 <http://10.0.0.14/32> <http://10.0.0.14/32 <http://10.0.0.14/32>> <http://10.0.0.14/32 <http://10.0.0.14/32> <http://10.0.0.14/32 <http://10.0.0.14/32>>> <http://10.0.0.14/32 <http://10.0.0.14/32> <http://10.0.0.14/32 <http://10.0.0.14/32>> <http://10.0.0.14/32 <http://10.0.0.14/32> <http://10.0.0.14/32 <http://10.0.0.14/32>>>> === 10.0.0.15/32 <http://10.0.0.15/32> <http://10.0.0.15/32 <http://10.0.0.15/32>> <http://10.0.0.15/32 <http://10.0.0.15/32> <http://10.0.0.15/32 <http://10.0.0.15/32>>> <http://10.0.0.15/32 <http://10.0.0.15/32> <http://10.0.0.15/32 <http://10.0.0.15/32>> <http://10.0.0.15/32 <http://10.0.0.15/32> <http://10.0.0.15/32 <http://10.0.0.15/32>>>>*/ > >> > Security Associations (1 up, 0 connecting): > >> > hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>>>[11]: ESTABLISHED 26 minutes ago, 10.0.0.14[CN=IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net> <http://IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net>> <http://IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net> <http://IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net>>> <http://IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net> <http://IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net>> > <http://IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net> <http://IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net>>>>]...10.0.0.15[CN=IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net> <http://IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net>> <http://IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net> <http://IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net>>> <http://IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net> <http://IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net>> <http://IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net> <http://IP-37fa1445fc.hdinsight-stable.azure-test.net <http://IP-37fa1445fc.hdinsight-stable.azure-test.net>>>>] > >> > hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>>>[11]: IKEv2 SPIs: 1536ce9853bef399_i c00b62dfefa5f4ce_r*, public key reauthentication in 7 hours > >> > hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>>>[11]: IKE proposal: AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048 > >> > hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>>>{3}: INSTALLED, TRANSPORT, reqid 1, ESP SPIs: c73ba254_i c0ffd04a_o > >> > hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>>>{3}: AES_CBC_256/HMAC_SHA2_256_128, 44961 bytes_i (822 pkts, 0s ago), 193357 bytes_o (570 pkts, 1557s ago), rekeying in 7 hours > >> > hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net> <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net <http://hn0-kkafka.p0gi1uxxaaeebnlz4hfuq0bvkf.dx.internal.cloudapp.net>>>>{3}: 10.0.0.14/32 <http://10.0.0.14/32> <http://10.0.0.14/32 <http://10.0.0.14/32>> <http://10.0.0.14/32 <http://10.0.0.14/32> <http://10.0.0.14/32 <http://10.0.0.14/32>>> <http://10.0.0.14/32 <http://10.0.0.14/32> <http://10.0.0.14/32 <http://10.0.0.14/32>> <http://10.0.0.14/32 <http://10.0.0.14/32> <http://10.0.0.14/32 <http://10.0.0.14/32>>>> === 10.0.0.15/32 <http://10.0.0.15/32> <http://10.0.0.15/32 <http://10.0.0.15/32>> <http://10.0.0.15/32 <http://10.0.0.15/32> <http://10.0.0.15/32 <http://10.0.0.15/32>>> <http://10.0.0.15/32 <http://10.0.0.15/32> <http://10.0.0.15/32 <http://10.0.0.15/32>> <http://10.0.0.15/32 <http://10.0.0.15/32> <http://10.0.0.15/32 <http://10.0.0.15/32>>>> > >> > > >> > > >> > Charon logs: > >> > ----------------- > >> > > >> > May 11 21:23:20 hn1-kkafka charon: 09[NET] received packet: from 10.0.0.18[500] to 10.0.0.14[500] (536 bytes) > >> > May 11 21:23:20 hn1-kkafka charon: 09[ENC] parsed IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) V V V V ] > >> > May 11 21:23:20 hn1-kkafka charon: 09[IKE] /*no IKE config found for 10.0.0.14...10.0.0.18, sending NO_PROPOSAL_CHOSEN*/ > >> > May 11 21:23:20 hn1-kkafka charon: 09[ENC] generating IKE_SA_INIT response 0 [ N(NO_PROP) ] > >> > May 11 21:23:20 hn1-kkafka charon: 09[NET] sending packet: from 10.0.0.14[500] to 10.0.0.18[500] (36 bytes) > >> > > >> > --karuna > >> > > >> > > > > > >
OpenPGP_signature
Description: OpenPGP digital signature